-rw-r--r-- | include/libssh/callbacks.h | 15 | ||||
-rw-r--r-- | include/libssh/libssh.h | 31 | ||||
-rw-r--r-- | include/libssh/pki.h | 9 | ||||
-rw-r--r-- | src/bind.c | 12 | ||||
-rw-r--r-- | src/legacy.c | 26 | ||||
-rw-r--r-- | src/pki.c | 140 | ||||
-rw-r--r-- | src/pki_crypto.c | 54 | ||||
-rw-r--r-- | src/pki_gcrypt.c | 36 | ||||
-rw-r--r-- | tests/unittests/torture_pki.c | 47 |
9 files changed, 197 insertions, 173 deletions
diff --git a/include/libssh/callbacks.h b/include/libssh/callbacks.h index 6189871..980480d 100644 --- a/include/libssh/callbacks.h +++ b/include/libssh/callbacks.h @@ -64,22 +64,7 @@ typedef void (*ssh_callback_int_int) (int code, int errno_code, void *user); typedef int (*ssh_message_callback) (ssh_session, ssh_message message, void *user); typedef int (*ssh_channel_callback_int) (ssh_channel channel, int code, void *user); typedef int (*ssh_channel_callback_data) (ssh_channel channel, int code, void *data, size_t len, void *user); -/** - * @brief SSH authentication callback. - * - * @param prompt Prompt to be displayed. - * @param buf Buffer to save the password. You should null-terminate it. - * @param len Length of the buffer. - * @param echo Enable or disable the echo of what you type. - * @param verify Should the password be verified? - * @param userdata Userdata to be passed to the callback function. Useful - * for GUI applications. - * - * @return 0 on success, < 0 on error. - */ -typedef int (*ssh_auth_callback) (const char *prompt, char *buf, size_t len, - int echo, int verify, void *userdata); /** * @brief SSH log callback. All logging messages will go through this callback * @param session Current session handler diff --git a/include/libssh/libssh.h b/include/libssh/libssh.h index de3480e..3acb5ae 100644 --- a/include/libssh/libssh.h +++ b/include/libssh/libssh.h 
@@ -417,6 +417,22 @@ LIBSSH_API int ssh_pcap_file_open(ssh_pcap_file pcap, const char *filename); LIBSSH_API enum ssh_keytypes_e ssh_privatekey_type(ssh_private_key privatekey); +/** + * @brief SSH authentication callback. + * + * @param prompt Prompt to be displayed. + * @param buf Buffer to save the password. You should null-terminate it. + * @param len Length of the buffer. + * @param echo Enable or disable the echo of what you type. + * @param verify Should the password be verified? + * @param userdata Userdata to be passed to the callback function. Useful + * for GUI applications. + * + * @return 0 on success, < 0 on error. + */ +typedef int (*ssh_auth_callback) (const char *prompt, char *buf, size_t len, + int echo, int verify, void *userdata); + LIBSSH_API ssh_key ssh_key_new(void); LIBSSH_API void ssh_key_free (ssh_key key); LIBSSH_API enum ssh_keytypes_e ssh_key_type(const ssh_key key); @@ -425,14 +441,17 @@ LIBSSH_API enum ssh_keytypes_e ssh_key_type_from_name(const char *name); LIBSSH_API int ssh_key_is_public(const ssh_key k); LIBSSH_API int ssh_key_is_private(const ssh_key k); -LIBSSH_API int ssh_pki_import_privkey_base64(ssh_session session, - const char *b64_key, +LIBSSH_API int ssh_pki_import_privkey_base64(const char *b64_key, const char *passphrase, + ssh_auth_callback auth_fn, + void *auth_data, ssh_key *pkey); -LIBSSH_API int ssh_pki_import_privkey_file(ssh_session session, - const char *filename, - const char *passphrase, - ssh_key *pkey); +LIBSSH_API int ssh_pki_import_privkey_file(const char *filename, + const char *passphrase, + ssh_auth_callback auth_fn, + void *auth_data, + ssh_key *pkey); + LIBSSH_API int ssh_pki_import_pubkey_base64(ssh_session session, const char *b64_key, enum ssh_keytypes_e type, diff --git a/include/libssh/pki.h b/include/libssh/pki.h index 2e9107c..60bac97 100644 --- a/include/libssh/pki.h +++ b/include/libssh/pki.h 
@@ -46,6 +46,8 @@ struct ssh_key_struct { void *cert; }; +void ssh_pki_log(const char *format, ...); + /* internal pki functions */ ssh_key pki_key_dup(const ssh_key key, int demote); @@ -74,9 +76,10 @@ ssh_public_key ssh_pki_convert_key_to_publickey(ssh_key key); ssh_private_key ssh_pki_convert_key_to_privatekey(ssh_key key); -ssh_key pki_private_key_from_base64(ssh_session session, - const char *b64_key, - const char *passphrase); +ssh_key pki_private_key_from_base64(const char *b64_key, + const char *passphrase, + ssh_auth_callback auth_fn, + void *auth_data); struct signature_struct *pki_do_sign(const ssh_key privatekey, const unsigned char *hash); @@ -172,7 +172,11 @@ int ssh_bind_listen(ssh_bind sshbind) { } if (sshbind->dsakey) { - rc = ssh_pki_import_privkey_file((ssh_session)sshbind, sshbind->dsakey, NULL, &sshbind->dsa); + rc = ssh_pki_import_privkey_file(sshbind->dsakey, + NULL, + NULL, + NULL, + &sshbind->dsa); if (rc == SSH_ERROR) { return SSH_ERROR; } @@ -184,7 +188,11 @@ int ssh_bind_listen(ssh_bind sshbind) { } if (sshbind->rsakey) { - rc = ssh_pki_import_privkey_file((ssh_session)sshbind, sshbind->rsakey, NULL, &sshbind->rsa); + rc = ssh_pki_import_privkey_file(sshbind->rsakey, + NULL, + NULL, + NULL, + &sshbind->rsa); if (rc == SSH_ERROR) { return SSH_ERROR; } diff --git a/src/legacy.c b/src/legacy.c index ac9ace1..3285557 100644 --- a/src/legacy.c +++ b/src/legacy.c @@ -27,6 +27,7 @@ #include "config.h" #include <libssh/priv.h> +#include <libssh/session.h> #include <libssh/server.h> #include <libssh/buffer.h> #include <libssh/pki.h> 
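Review bot: Both host-key loads in ssh_bind_listen() now pass NULL for passphrase, auth_fn and auth_data, so a passphrase-protected DSA or RSA host key has no application-supplied way to be unlocked. In the libcrypto backend shown later in this commit that combination falls through to `PEM_read_bio_*PrivateKey(mem, NULL, NULL, NULL)`, where OpenSSL uses its own passphrase callback; for a daemon without a terminal that is likely to block or fail at start-up. The failure reason is also no longer recorded on sshbind, because the import functions now report through ssh_pki_log() instead of ssh_set_error(); consider adding `ssh_set_error(sshbind, SSH_FATAL, "Failed to import private DSA host key");` (and the RSA equivalent) before each `return SSH_ERROR;`. The body of ssh_bind_listen() extends beyond these two hunks.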
@@ -239,12 +240,19 @@ ssh_private_key privatekey_from_base64(ssh_session session, const char *b64_pkey, int type, const char *passphrase) { + ssh_auth_callback auth_fn = NULL; + void *auth_data = NULL; ssh_private_key privkey; ssh_key key; (void) type; /* unused */ - key = pki_private_key_from_base64(session, b64_pkey, passphrase); + if (session->common.callbacks) { + auth_fn = session->common.callbacks->auth_function; + auth_data = session->common.callbacks->userdata; + } + + key = pki_private_key_from_base64(b64_pkey, passphrase, auth_fn, auth_data); if (key == NULL) { return NULL; } @@ -266,13 +274,25 @@ ssh_private_key privatekey_from_file(ssh_session session, const char *filename, int type, const char *passphrase) { - ssh_key key; + ssh_auth_callback auth_fn = NULL; + void *auth_data = NULL; ssh_private_key privkey; + ssh_key key; int rc; (void) type; /* unused */ - rc = ssh_pki_import_privkey_file(session, filename, passphrase, &key); + if (session->common.callbacks) { + auth_fn = session->common.callbacks->auth_function; + auth_data = session->common.callbacks->userdata; + } + + + rc = ssh_pki_import_privkey_file(filename, + passphrase, + auth_fn, + auth_data, + &key); if (rc == SSH_ERROR) { return NULL; } @@ -40,17 +40,29 @@ #include <sys/types.h> #include "libssh/libssh.h" +#include "libssh/callbacks.h" #include "libssh/session.h" #include "libssh/priv.h" #include "libssh/pki.h" #include "libssh/keys.h" #include "libssh/buffer.h" +void ssh_pki_log(const char *format, ...) +{ #ifdef DEBUG_CRYPTO -#define ssh_pki_log(fmt, ...) fprintf(stderr, fmt, ##__VA_ARGS__); + char buffer[1024]; + va_list va; + + va_start(va, format); + vsnprintf(buffer, sizeof(buffer), format, va); + va_end(va); + + fprintf(stderr, "%s\n", buffer); #else -#define ssh_pki_log(fmt, ...) + (void) format; #endif + return; +} enum ssh_keytypes_e pki_privatekey_type_from_string(const char *privkey) { if (strncmp(privkey, DSA_HEADER_BEGIN, strlen(DSA_HEADER_BEGIN)) == 0) { 
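Review bot: privatekey_from_file() now dereferences `session->common.callbacks` before anything checks session, whereas the removed code handed session to ssh_pki_import_privkey_file(), which returned SSH_ERROR when session was NULL. A caller of this legacy API that passes a NULL session would now crash instead of getting NULL back; the same unguarded dereference is added to privatekey_from_base64() in the preceding hunk. Guard both with `if (session != NULL && session->common.callbacks != NULL) {`. Both function bodies continue past their hunks.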
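Review bot: ssh_pki_log() discards its message unless the library is built with DEBUG_CRYPTO, so every ssh_set_error() call this commit converts (stat, fopen, read and parse failures) now leaves the caller with SSH_ERROR and no retrievable reason. That should at least be stated above the function, e.g. `/* Debug aid only: prints to stderr when built with DEBUG_CRYPTO, otherwise the message is dropped. */`. The DEBUG_CRYPTO branch also uses va_list and vsnprintf(), and the include hunk adds only libssh/callbacks.h, so confirm <stdarg.h> is reachable in that configuration. Because callers pass file names and library error strings through `%s`, a printf format attribute on the prototype in pki.h would let the compiler check the arguments.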
@@ -217,16 +229,64 @@ int ssh_key_is_private(const ssh_key k) { } /** - * @brief Import a key from a file. + * @brief import a base64 formated key from a memory c-string + * + * @param[in] b64_key The c-string holding the base64 encoded key + * + * @param[in] passphrase The passphrase to decrypt the key, or NULL + * + * @param[in] auth_fn An auth function you may want to use or NULL. + * + * @param[in] auth_data Private data passed to the auth function. + * + * @param[out] pkey A pointer where the key can be stored. You need + * to free the memory. + * + * @return SSH_ERROR in case of error, SSH_OK otherwise. * - * @param[in] session The SSH Session to use. If a authentication callback is - * set, it will be used to ask for the passphrase. + * @see ssh_key_free() + */ +int ssh_pki_import_privkey_base64(const char *b64_key, + const char *passphrase, + ssh_auth_callback auth_fn, + void *auth_data, + ssh_key *pkey) +{ + ssh_key key; + + if (b64_key == NULL || pkey == NULL) { + return SSH_ERROR; + } + + if (b64_key == NULL || !*b64_key) { + return SSH_ERROR; + } + + ssh_pki_log("Trying to decode privkey passphrase=%s", + passphrase ? "true" : "false"); + + key = pki_private_key_from_base64(b64_key, passphrase, auth_fn, auth_data); + if (key == NULL) { + return SSH_ERROR; + } + + *pkey = key; + + return SSH_OK; +} + +/** + * @brief Import a key from a file. * * @param[in] filename The filename of the the private key. * * @param[in] passphrase The passphrase to decrypt the private key. Set to NULL * if none is needed or it is unknown. * + * @param[in] auth_fn An auth function you may want to use or NULL. + * + * @param[in] auth_data Private data passed to the auth function. + * * @param[out] pkey A pointer to store the ssh_key. You need to free the * key. * 
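Review bot: The second guard in ssh_pki_import_privkey_base64() repeats the `b64_key == NULL` test that the first guard already made; one condition is enough: `if (b64_key == NULL || *b64_key == '\0' || pkey == NULL) {`. The new doc comment also leaves out when auth_fn is consulted; the backend hunks in this commit call it only when passphrase is NULL, so the `@param[in] auth_fn` text should say something like `Callback used to ask for the passphrase when passphrase is NULL, or NULL.` The same sentence applies to the ssh_pki_import_privkey_file() comment at the end of this hunk.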
@@ -234,9 +294,10 @@ int ssh_key_is_private(const ssh_key k) { * * @see ssh_key_free() **/ -int ssh_pki_import_privkey_file(ssh_session session, - const char *filename, +int ssh_pki_import_privkey_file(const char *filename, const char *passphrase, + ssh_auth_callback auth_fn, + void *auth_data, ssh_key *pkey) { struct stat sb; char *key_buf; @@ -245,34 +306,28 @@ int ssh_pki_import_privkey_file(ssh_session session, off_t size; int rc; - if (session == NULL || pkey == NULL) { - return SSH_ERROR; - } - - if (filename == NULL || *filename == '\0') { + if (pkey == NULL || filename == NULL || *filename == '\0') { return SSH_ERROR; } rc = stat(filename, &sb); if (rc < 0) { - ssh_set_error(session, SSH_REQUEST_DENIED, - "Error gettint stat of %s: %s", - filename, strerror(errno)); + ssh_pki_log("Error gettint stat of %s: %s", + filename, strerror(errno)); return SSH_ERROR; } file = fopen(filename, "r"); if (file == NULL) { - ssh_set_error(session, SSH_REQUEST_DENIED, - "Error opening %s: %s", - filename, strerror(errno)); + ssh_pki_log("Error opening %s: %s", + filename, strerror(errno)); return SSH_ERROR; } key_buf = malloc(sb.st_size + 1); if (key_buf == NULL) { fclose(file); - ssh_set_error_oom(session); + ssh_pki_log("Out of memory!"); return SSH_ERROR; } @@ -281,13 +336,12 @@ int ssh_pki_import_privkey_file(ssh_session session, if (size != sb.st_size) { SAFE_FREE(key_buf); - ssh_set_error(session, SSH_FATAL, - "Error reading %s: %s", - filename, strerror(errno)); + ssh_pki_log("Error reading %s: %s", + filename, strerror(errno)); return SSH_ERROR; } - key = pki_private_key_from_base64(session, key_buf, passphrase); + key = pki_private_key_from_base64(key_buf, passphrase, auth_fn, auth_data); SAFE_FREE(key_buf); if (key == NULL) { return SSH_ERROR; 
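Review bot: ssh_pki_import_privkey_file() still sizes key_buf from a stat() on the path and then opens the path separately with fopen(), so the file that is read need not be the one that was measured if it is replaced in between. Since this hunk rewrites both error paths anyway, consider opening first and measuring the open stream, `rc = fstat(fileno(file), &sb);`, and rejecting anything that is not a regular file before the malloc(). The function body starts in the previous hunk and continues in the next one.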
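Review bot: key_buf holds the private key text read from disk, and both exits in this hunk release it with SAFE_FREE() alone. If SAFE_FREE only frees and NULLs the pointer (its definition is not on this page), the key material stays in freed heap memory; wiping the `sb.st_size + 1` bytes with a clear the compiler cannot elide before each SAFE_FREE(key_buf) would limit that exposure. The read-failure message also prints strerror(errno), which a short fread() does not necessarily set.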
@@ -335,46 +389,6 @@ ssh_private_key ssh_pki_convert_key_to_privatekey(const ssh_key key) { return privkey; } -/** - * @brief import a base64 formated key from a memory c-string - * - * @param session The ssh session - * @param b64_key The c-string holding the base64 encoded key - * @param passphrase The passphrase to decrypt the key, or NULL - * @param pkey A pointer where the key can be stored. You need - * to free the memory. - * - * @return SSH_ERROR in case of error, SSH_OK otherwise - * - * @see ssh_key_free() - */ -int ssh_pki_import_privkey_base64(ssh_session session, - const char *b64_key, - const char *passphrase, - ssh_key *pkey) { - ssh_key key; - - if (pkey == NULL || session == NULL) { - return SSH_ERROR; - } - - if (b64_key == NULL || !*b64_key) { - return SSH_ERROR; - } - - ssh_pki_log("Trying to decode privkey passphrase=%s", - passphrase ? "true" : "false"); - - key = pki_private_key_from_base64(session, b64_key, passphrase); - if (key == NULL) { - return SSH_ERROR; - } - - *pkey = key; - - return SSH_OK; -} - static int pki_import_pubkey_buffer(ssh_session session, ssh_buffer buffer, enum ssh_keytypes_e type, diff --git a/src/pki_crypto.c b/src/pki_crypto.c index 5345e94..64ffdc0 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -39,8 +39,13 @@ #include "libssh/keys.h" #include "libssh/dh.h" +struct pem_get_password_struct { + ssh_auth_callback fn; + void *data; +}; + static int pem_get_password(char *buf, int size, int rwflag, void *userdata) { - ssh_session session = userdata; + struct pem_get_password_struct *pgp = userdata; (void) rwflag; /* unused */ 
@@ -48,18 +53,13 @@ static int pem_get_password(char *buf, int size, int rwflag, void *userdata) { return 0; } - ssh_log(session, SSH_LOG_RARE, - "Trying to call external authentication function"); - memset(buf, '\0', size); - if (session && - session->common.callbacks && - session->common.callbacks->auth_function) { + if (pgp) { int rc; - rc = session->common.callbacks->auth_function("Passphrase for private key:", - buf, size, 0, 0, - session->common.callbacks->userdata); + rc = pgp->fn("Passphrase for private key:", + buf, size, 0, 0, + pgp->data); if (rc == 0) { return strlen(buf); } @@ -208,9 +208,10 @@ fail: return NULL; } -ssh_key pki_private_key_from_base64(ssh_session session, - const char *b64_key, - const char *passphrase) { +ssh_key pki_private_key_from_base64(const char *b64_key, + const char *passphrase, + ssh_auth_callback auth_fn, + void *auth_data) { BIO *mem = NULL; DSA *dsa = NULL; RSA *rsa = NULL; @@ -224,7 +225,7 @@ ssh_key pki_private_key_from_base64(ssh_session session, type = pki_privatekey_type_from_string(b64_key); if (type == SSH_KEYTYPE_UNKNOWN) { - ssh_set_error(session, SSH_FATAL, "Unknown or invalid private key."); + ssh_pki_log("Unknown or invalid private key."); return NULL; } @@ -233,8 +234,10 @@ ssh_key pki_private_key_from_base64(ssh_session session, switch (type) { case SSH_KEYTYPE_DSS: if (passphrase == NULL) { - if (session->common.callbacks && session->common.callbacks->auth_function) { - dsa = PEM_read_bio_DSAPrivateKey(mem, NULL, pem_get_password, session); + if (auth_fn) { + struct pem_get_password_struct pgp = { auth_fn, auth_data }; + + dsa = PEM_read_bio_DSAPrivateKey(mem, NULL, pem_get_password, &pgp); } else { /* openssl uses its own callback to get the passphrase here */ dsa = PEM_read_bio_DSAPrivateKey(mem, NULL, NULL, NULL); 
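Review bot: pem_get_password() now tests only `if (pgp)` and then calls `pgp->fn(...)`, so the callback pointer itself is no longer checked here as `auth_function` was before; `if (pgp != NULL && pgp->fn != NULL) {` keeps the helper safe if a later caller builds the struct differently. On success it returns `strlen(buf)` after handing the callback the full `size`, which relies on the callback NUL-terminating inside the buffer as the ssh_auth_callback documentation asks; adding `buf[size - 1] = '\0';` before the strlen() bounds the read regardless, assuming size is positive at that point. The function begins in the previous hunk and its tail lies outside this one.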
@@ -246,9 +249,8 @@ ssh_key pki_private_key_from_base64(ssh_session session, BIO_free(mem); if (dsa == NULL) { - ssh_set_error(session, SSH_FATAL, - "Parsing private key: %s", - ERR_error_string(ERR_get_error(), NULL)); + ssh_pki_log("Parsing private key: %s", + ERR_error_string(ERR_get_error(), NULL)); return NULL; } @@ -256,8 +258,10 @@ ssh_key pki_private_key_from_base64(ssh_session session, case SSH_KEYTYPE_RSA: case SSH_KEYTYPE_RSA1: if (passphrase == NULL) { - if (session->common.callbacks && session->common.callbacks->auth_function) { - rsa = PEM_read_bio_RSAPrivateKey(mem, NULL, pem_get_password, session); + if (auth_fn) { + struct pem_get_password_struct pgp = { auth_fn, auth_data }; + + rsa = PEM_read_bio_RSAPrivateKey(mem, NULL, pem_get_password, &pgp); } else { /* openssl uses its own callback to get the passphrase here */ rsa = PEM_read_bio_RSAPrivateKey(mem, NULL, NULL, NULL); @@ -269,9 +273,8 @@ ssh_key pki_private_key_from_base64(ssh_session session, BIO_free(mem); if (rsa == NULL) { - ssh_set_error(session, SSH_FATAL, - "Parsing private key: %s", - ERR_error_string(ERR_get_error(),NULL)); + ssh_pki_log("Parsing private key: %s", + ERR_error_string(ERR_get_error(),NULL)); return NULL; } @@ -279,8 +282,7 @@ ssh_key pki_private_key_from_base64(ssh_session session, case SSH_KEYTYPE_ECDSA: case SSH_KEYTYPE_UNKNOWN: BIO_free(mem); - ssh_set_error(session, SSH_FATAL, - "Unkown or invalid private key type %d", type); + ssh_pki_log("Unkown or invalid private key type %d", type); return NULL; } diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c index 6cac8f6..5470d11 100644 --- a/src/pki_gcrypt.c +++ b/src/pki_gcrypt.c @@ -603,9 +603,11 @@ error: return rc; } -ssh_key pki_private_key_from_base64(ssh_session session, - const char *b64_key, - const char *passphrase) { +ssh_key pki_private_key_from_base64(const char *b64_key, + const char *passphrase, + ssh_auth_callback auth_fn, + void *auth_data) +{ ssh_auth_callback auth_cb = NULL; void *auth_ud = NULL; 
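Review bot: The locals `auth_cb` and `auth_ud` at the top of the gcrypt pki_private_key_from_base64() are kept as context here, yet the following hunks remove every use of them that is visible on this page. If nothing outside the hunks reads them they are now dead and will produce unused-variable warnings; drop the two declarations. The function body continues beyond this hunk.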
@@ -622,20 +624,16 @@ ssh_key pki_private_key_from_base64(ssh_session session, type = pki_privatekey_type_from_string(b64_key); if (type == SSH_KEYTYPE_UNKNOWN) { - ssh_set_error(session, SSH_FATAL, "Unknown or invalid private key."); + ssh_pki_log("Unknown or invalid private key."); return NULL; } switch (type) { case SSH_KEYTYPE_DSS: if (passphrase == NULL) { - if (session->common.callbacks && - session->common.callbacks->auth_function) { - auth_cb = session->common.callbacks->auth_function; - auth_ud = session->common.callbacks->userdata; - - valid = b64decode_dsa_privatekey(b64_key, &dsa, auth_cb, - auth_ud, "Passphrase for private key:"); + if (auth_fn) { + valid = b64decode_dsa_privatekey(b64_key, &dsa, auth_fn, + auth_data, "Passphrase for private key:"); } else { valid = b64decode_dsa_privatekey(b64_key, &dsa, NULL, NULL, NULL); @@ -646,19 +644,16 @@ ssh_key pki_private_key_from_base64(ssh_session session, } if (!valid) { - ssh_set_error(session, SSH_FATAL, "Parsing private key"); + ssh_pki_log("Parsing private key"); goto fail; } break; case SSH_KEYTYPE_RSA: case SSH_KEYTYPE_RSA1: if (passphrase == NULL) { - if (session->common.callbacks && - session->common.callbacks->auth_function) { - auth_cb = session->common.callbacks->auth_function; - auth_ud = session->common.callbacks->userdata; - valid = b64decode_rsa_privatekey(b64_key, &rsa, auth_cb, - auth_ud, "Passphrase for private key:"); + if (auth_fn) { + valid = b64decode_rsa_privatekey(b64_key, &rsa, auth_fn, + auth_data, "Passphrase for private key:"); } else { valid = b64decode_rsa_privatekey(b64_key, &rsa, NULL, NULL, NULL); 
@@ -669,14 +664,13 @@ ssh_key pki_private_key_from_base64(ssh_session session, } if (!valid) { - ssh_set_error(session,SSH_FATAL, "Parsing private key"); + ssh_pki_log("Parsing private key"); goto fail; } break; case SSH_KEYTYPE_ECDSA: case SSH_KEYTYPE_UNKNOWN: - ssh_set_error(session, SSH_FATAL, - "Unkown or invalid private key type %d", type); + ssh_pki_log("Unkown or invalid private key type %d", type); return NULL; } diff --git a/tests/unittests/torture_pki.c b/tests/unittests/torture_pki.c index fca7c72..007b509 100644 --- a/tests/unittests/torture_pki.c +++ b/tests/unittests/torture_pki.c @@ -103,7 +103,7 @@ static void torture_pki_import_privkey_base64_RSA(void **state) { key_str = read_file(LIBSSH_RSA_TESTKEY); assert_true(key_str != NULL); - rc = ssh_pki_import_privkey_base64(session, key_str, passphrase, &key); + rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); free(key_str); @@ -124,26 +124,7 @@ static void torture_pki_import_privkey_base64_NULL_key(void **state) { assert_true(key != NULL); /* test if it returns -1 if key is NULL */ - rc = ssh_pki_import_privkey_base64(session, key_str, passphrase, NULL); - assert_true(rc == -1); - - free(key_str); - ssh_key_free(key); -} - -static void torture_pki_import_privkey_base64_NULL_session(void **state) { - ssh_session session = *state; - int rc; - char *key_str; - ssh_key key = NULL; - const char *passphrase = LIBSSH_PASSPHRASE; - - key_str = read_file(LIBSSH_RSA_TESTKEY); - assert_true(key_str != NULL); - - /* test if it returns -1 if session is NULL */ - (void)session; - rc = ssh_pki_import_privkey_base64(NULL, key_str, passphrase, &key); + rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, NULL); assert_true(rc == -1); free(key_str); 
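Review bot: Every updated call in this test file passes `NULL, NULL` for auth_fn and auth_data, so the callback path this commit introduces is never exercised. A test that imports the encrypted test key with passphrase NULL and a small callback copying LIBSSH_PASSPHRASE into buf would cover it for both backends. If the remaining tests still declare `ssh_session session = *state;` as the removed NULL_session test did, that variable is now unused in them and should be dropped or voided.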
@@ -161,7 +142,7 @@ static void torture_pki_import_privkey_base64_NULL_str(void **state) { assert_true(key_str != NULL); /* test if it returns -1 if key_str is NULL */ - rc = ssh_pki_import_privkey_base64(session, NULL, passphrase, &key); + rc = ssh_pki_import_privkey_base64(NULL, passphrase, NULL, NULL, &key); assert_true(rc == -1); free(key_str); @@ -178,7 +159,7 @@ static void torture_pki_import_privkey_base64_DSA(void **state) { key_str = read_file(LIBSSH_DSA_TESTKEY); assert_true(key_str != NULL); - rc = ssh_pki_import_privkey_base64(session, key_str, passphrase, &key); + rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); free(key_str); @@ -195,18 +176,19 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) { key_str = read_file(LIBSSH_RSA_TESTKEY); assert_true(key_str != NULL); - rc = ssh_pki_import_privkey_base64(session, key_str, passphrase, &key); + rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); ssh_key_free(key); /* test if it returns -1 if passphrase is wrong */ - rc = ssh_pki_import_privkey_base64(session, key_str, "wrong passphrase !!", &key); + rc = ssh_pki_import_privkey_base64(key_str, "wrong passphrase !!", NULL, + NULL, &key); assert_true(rc == -1); #ifndef HAVE_LIBCRYPTO /* test if it returns -1 if passphrase is NULL */ /* libcrypto asks for a passphrase, so skip this test */ - rc = ssh_pki_import_privkey_base64(session, key_str, NULL, &key); + rc = ssh_pki_import_privkey_base64(key_str, NULL, NULL, NULL, &key); assert_true(rc == -1); #endif 
@@ -216,18 +198,18 @@ static void torture_pki_import_privkey_base64_passphrase(void **state) { key_str = read_file(LIBSSH_DSA_TESTKEY); assert_true(key_str != NULL); - rc = ssh_pki_import_privkey_base64(session, key_str, passphrase, &key); + rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); ssh_key_free(key); /* test if it returns -1 if passphrase is wrong */ - rc = ssh_pki_import_privkey_base64(session, key_str, "wrong passphrase !!", &key); + rc = ssh_pki_import_privkey_base64(key_str, "wrong passphrase !!", NULL, NULL, &key); assert_true(rc == -1); #ifndef HAVE_LIBCRYPTO /* test if it returns -1 if passphrase is NULL */ /* libcrypto asks for a passphrase, so skip this test */ - rc = ssh_pki_import_privkey_base64(session, key_str, NULL, &key); + rc = ssh_pki_import_privkey_base64(key_str, NULL, NULL, NULL, &key); assert_true(rc == -1); #endif @@ -245,7 +227,7 @@ static void torture_pki_pki_publickey_from_privatekey_RSA(void **state) { key_str = read_file(LIBSSH_RSA_TESTKEY); assert_true(key_str != NULL); - rc = ssh_pki_import_privkey_base64(session, key_str, passphrase, &key); + rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); pubkey = ssh_pki_publickey_from_privatekey(key); @@ -267,7 +249,7 @@ static void torture_pki_pki_publickey_from_privatekey_DSA(void **state) { key_str = read_file(LIBSSH_DSA_TESTKEY); assert_true(key_str != NULL); - rc = ssh_pki_import_privkey_base64(session, key_str, passphrase, &key); + rc = ssh_pki_import_privkey_base64(key_str, passphrase, NULL, NULL, &key); assert_true(rc == 0); pubkey = ssh_pki_publickey_from_privatekey(key); 
@@ -360,9 +342,6 @@ int torture_run_tests(void) { unit_test_setup_teardown(torture_pki_import_privkey_base64_NULL_key, setup_rsa_key, teardown), - unit_test_setup_teardown(torture_pki_import_privkey_base64_NULL_session, - setup_rsa_key, - teardown), unit_test_setup_teardown(torture_pki_import_privkey_base64_NULL_str, setup_rsa_key, teardown), |